Java applet with self-signed certificate on OS X Mountain Lion

Question

We have a Java applet that needs to run with full trust.

While developing and during pre-release tests we sign it using a self-signed certificate (the production version is signed with a real code signing certificte).

But when we try to start the self-signed applet on the prerelases of OS X 10.8, we can no longer choose to allow it to run. The "Allow"-button is simply disabled:

If I press "Show Details..." I can choose to "Always trust" the certificate, but this makes no difference:

It works with the same version of the Java JRE on OS X Lion 10.7, so I suspect it is an issue with the OS and not the JRE.

Are there any workarounds?

I would prefer not to use a real code signing certificate for testing: signing with a real code signing certificate means that my company asserts that the applet is secure and should be trusted. We can hardly assert that before we have tested it.

Answer 1

It is new security feature in Mac OS X, by default only apps from Mac Store & from trusted developers are allowed to run there. Fortunatelly, it is easy to change, you have to allow this in Mac OS X preferences.

Go to Preferences -> Security & Privacy and click on padlock to allow changes.

Then in "Allow appications downloaded from" select "Anywhere".

After that, the button in Java dialog will be enabled.

Answer 2

If you get the "Application Blocked by Security Settings" message, you need to go into System Preferences: Java: Security and either add your site to the exception list or reduce the security level to Medium.